zip

package module
v0.0.0-...-bd5cf36 Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Jul 12, 2020 License: BSD-3-Clause Imports: 22 Imported by: 0

README

Go archive/zip plus encryption support

GoDoc Go Report Card

This is a fork of the archive/zip package from the Go standard library which adds support for both the legacy (insecure) ZIP encryption scheme and for newer AES-based encryption schemes introduced with WinZip. It is based on Go 1.14.

This is based on work by Alex Mullins and Yakub Kristianto. The forward-port was done to introduce bugfixes and enhancements, such as missing support for large (>= 4GB) ZIP files like those distributed by VirusShare.

Documentation

Overview

Package zip provides support for reading and writing ZIP archives.

See: https://www.pkware.com/appnote

This package does not support disk spanning.

A note about ZIP64:

To be backwards compatible the FileHeader has both 32 and 64 bit Size fields. The 64 bit fields will always contain the correct value and for normal archives both fields will be the same. For files requiring the ZIP64 format the 32 bit fields will be 0xffffffff and the 64 bit fields must be used instead.

Index

Examples

Constants

View Source
const (
	Store   uint16 = 0 // no compression
	Deflate uint16 = 8 // DEFLATE compressed
)

Compression methods.

Variables

View Source
var (
	ErrDecryption     = errors.New("zip: decryption error")
	ErrPassword       = errors.New("zip: invalid password")
	ErrAuthentication = errors.New("zip: authentication failed")
)

Encryption/Decryption Errors

View Source
var (
	ErrFormat    = errors.New("zip: not a valid zip file")
	ErrAlgorithm = errors.New("zip: unsupported compression algorithm")
	ErrChecksum  = errors.New("zip: checksum error")
)

Functions

func RegisterCompressor

func RegisterCompressor(method uint16, comp Compressor)

RegisterCompressor registers custom compressors for a specified method ID. The common methods Store and Deflate are built in.

func RegisterDecompressor

func RegisterDecompressor(method uint16, dcomp Decompressor)

RegisterDecompressor allows custom decompressors for a specified method ID. The common methods Store and Deflate are built in.

func ZipCryptoDecryptor

func ZipCryptoDecryptor(r *io.SectionReader, password []byte) (*io.SectionReader, error)

func ZipCryptoEncryptor

func ZipCryptoEncryptor(i io.Writer, pass passwordFn, fw *fileWriter) (io.Writer, error)

Types

type Compressor

type Compressor func(w io.Writer) (io.WriteCloser, error)

A Compressor returns a new compressing writer, writing to w. The WriteCloser's Close method must be used to flush pending data to w. The Compressor itself must be safe to invoke from multiple goroutines simultaneously, but each returned writer will be used only by one goroutine at a time.

type Decompressor

type Decompressor func(r io.Reader) io.ReadCloser

A Decompressor returns a new decompressing reader, reading from r. The ReadCloser's Close method must be used to release associated resources. The Decompressor itself must be safe to invoke from multiple goroutines simultaneously, but each returned reader will be used only by one goroutine at a time.

type EncryptionMethod

type EncryptionMethod int
const (
	StandardEncryption EncryptionMethod = 1
	AES128Encryption   EncryptionMethod = 2
	AES192Encryption   EncryptionMethod = 3
	AES256Encryption   EncryptionMethod = 4
)

type File

type File struct {
	FileHeader
	// contains filtered or unexported fields
}

func (*File) DataOffset

func (f *File) DataOffset() (offset int64, err error)

DataOffset returns the offset of the file's possibly-compressed data, relative to the beginning of the zip file.

Most callers should instead use Open, which transparently decompresses data and verifies checksums.

func (*File) Open

func (f *File) Open() (io.ReadCloser, error)

Open returns a ReadCloser that provides access to the File's contents. Multiple files may be read concurrently.

type FileHeader

type FileHeader struct {
	// Name is the name of the file.
	//
	// It must be a relative path, not start with a drive letter (such as "C:"),
	// and must use forward slashes instead of back slashes. A trailing slash
	// indicates that this file is a directory and should have no data.
	//
	// When reading zip files, the Name field is populated from
	// the zip file directly and is not validated for correctness.
	// It is the caller's responsibility to sanitize it as
	// appropriate, including canonicalizing slash directions,
	// validating that paths are relative, and preventing path
	// traversal through filenames ("../../../").
	Name string

	// Comment is any arbitrary user-defined string shorter than 64KiB.
	Comment string

	// NonUTF8 indicates that Name and Comment are not encoded in UTF-8.
	//
	// By specification, the only other encoding permitted should be CP-437,
	// but historically many ZIP readers interpret Name and Comment as whatever
	// the system's local character encoding happens to be.
	//
	// This flag should only be set if the user intends to encode a non-portable
	// ZIP file for a specific localized region. Otherwise, the Writer
	// automatically sets the ZIP format's UTF-8 flag for valid UTF-8 strings.
	NonUTF8 bool

	CreatorVersion uint16
	ReaderVersion  uint16
	Flags          uint16

	// Method is the compression method. If zero, Store is used.
	Method uint16

	// Modified is the modified time of the file.
	//
	// When reading, an extended timestamp is preferred over the legacy MS-DOS
	// date field, and the offset between the times is used as the timezone.
	// If only the MS-DOS date is present, the timezone is assumed to be UTC.
	//
	// When writing, an extended timestamp (which is timezone-agnostic) is
	// always emitted. The legacy MS-DOS date field is encoded according to the
	// location of the Modified time.
	Modified     time.Time
	ModifiedTime uint16 // Deprecated: Legacy MS-DOS date; use Modified instead.
	ModifiedDate uint16 // Deprecated: Legacy MS-DOS time; use Modified instead.

	CRC32              uint32
	CompressedSize     uint32 // Deprecated: Use CompressedSize64 instead.
	UncompressedSize   uint32 // Deprecated: Use UncompressedSize64 instead.
	CompressedSize64   uint64
	UncompressedSize64 uint64
	Extra              []byte
	ExternalAttrs      uint32 // Meaning depends on CreatorVersion

	// DeferAuth being set to true will delay hmac auth/integrity
	// checks when decrypting a file meaning the reader will be
	// getting unauthenticated plaintext. It is recommended to leave
	// this set to false. For more detail:
	// https://www.imperialviolet.org/2014/06/27/streamingencryption.html
	// https://www.imperialviolet.org/2015/05/16/aeads.html
	DeferAuth bool
	// contains filtered or unexported fields
}

FileHeader describes a file within a zip file. See the zip spec for details.

func FileInfoHeader

func FileInfoHeader(fi os.FileInfo) (*FileHeader, error)

FileInfoHeader creates a partially-populated FileHeader from an os.FileInfo. Because os.FileInfo's Name method returns only the base name of the file it describes, it may be necessary to modify the Name field of the returned header to provide the full path name of the file. If compression is desired, callers should set the FileHeader.Method field; it is unset by default.

func (*FileHeader) FileInfo

func (h *FileHeader) FileInfo() os.FileInfo

FileInfo returns an os.FileInfo for the FileHeader.

func (*FileHeader) IsEncrypted

func (h *FileHeader) IsEncrypted() bool

IsEncrypted indicates whether this file's data is encrypted.

func (*FileHeader) ModTime deprecated

func (h *FileHeader) ModTime() time.Time

ModTime returns the modification time in UTC using the legacy ModifiedDate and ModifiedTime fields.

Deprecated: Use Modified instead.

func (*FileHeader) Mode

func (h *FileHeader) Mode() (mode os.FileMode)

Mode returns the permission and mode bits for the FileHeader.

func (*FileHeader) SetModTime deprecated

func (h *FileHeader) SetModTime(t time.Time)

SetModTime sets the Modified, ModifiedTime, and ModifiedDate fields to the given time in UTC.

Deprecated: Use Modified instead.

func (*FileHeader) SetMode

func (h *FileHeader) SetMode(mode os.FileMode)

SetMode changes the permission and mode bits for the FileHeader.

func (*FileHeader) SetPassword

func (h *FileHeader) SetPassword(password string)

SetPassword sets the password used for encryption/decryption.

type ReadCloser

type ReadCloser struct {
	Reader
	// contains filtered or unexported fields
}

func OpenReader

func OpenReader(name string) (*ReadCloser, error)

OpenReader will open the Zip file specified by name and return a ReadCloser.

func (*ReadCloser) Close

func (rc *ReadCloser) Close() error

Close closes the Zip file, rendering it unusable for I/O.

type Reader

type Reader struct {
	File    []*File
	Comment string
	// contains filtered or unexported fields
}
Example
// Open a zip archive for reading.
r, err := zip.OpenReader("testdata/readme.zip")
if err != nil {
	log.Fatal(err)
}
defer r.Close()

// Iterate through the files in the archive,
// printing some of their contents.
for _, f := range r.File {
	fmt.Printf("Contents of %s:\n", f.Name)
	rc, err := f.Open()
	if err != nil {
		log.Fatal(err)
	}
	_, err = io.CopyN(os.Stdout, rc, 68)
	if err != nil {
		log.Fatal(err)
	}
	rc.Close()
	fmt.Println()
}
Output:

Contents of README:
This is the source code repository for the Go programming language.

func NewReader

func NewReader(r io.ReaderAt, size int64) (*Reader, error)

NewReader returns a new Reader reading from r, which is assumed to have the given size in bytes.

func (*Reader) RegisterDecompressor

func (z *Reader) RegisterDecompressor(method uint16, dcomp Decompressor)

RegisterDecompressor registers or overrides a custom decompressor for a specific method ID. If a decompressor for a given method is not found, Reader will default to looking up the decompressor at the package level.

type Writer

type Writer struct {
	// contains filtered or unexported fields
}

Writer implements a zip file writer.

Example
// Create a buffer to write our archive to.
buf := new(bytes.Buffer)

// Create a new zip archive.
w := zip.NewWriter(buf)

// Add some files to the archive.
var files = []struct {
	Name, Body string
}{
	{"readme.txt", "This archive contains some text files."},
	{"gopher.txt", "Gopher names:\nGeorge\nGeoffrey\nGonzo"},
	{"todo.txt", "Get animal handling licence.\nWrite more examples."},
}
for _, file := range files {
	f, err := w.Create(file.Name)
	if err != nil {
		log.Fatal(err)
	}
	_, err = f.Write([]byte(file.Body))
	if err != nil {
		log.Fatal(err)
	}
}

// Make sure to check the error on Close.
err := w.Close()
if err != nil {
	log.Fatal(err)
}
Output:

func NewWriter

func NewWriter(w io.Writer) *Writer

NewWriter returns a new Writer writing a zip file to w.

func (*Writer) Close

func (w *Writer) Close() error

Close finishes writing the zip file by writing the central directory. It does not close the underlying writer.

func (*Writer) Create

func (w *Writer) Create(name string) (io.Writer, error)

Create adds a file to the zip file using the provided name. It returns a Writer to which the file contents should be written. The file contents will be compressed using the Deflate method. The name must be a relative path: it must not start with a drive letter (e.g. C:) or leading slash, and only forward slashes are allowed. To create a directory instead of a file, add a trailing slash to the name. The file's contents must be written to the io.Writer before the next call to Create, CreateHeader, or Close.

func (*Writer) CreateHeader

func (w *Writer) CreateHeader(fh *FileHeader) (io.Writer, error)

CreateHeader adds a file to the zip archive using the provided FileHeader for the file metadata. Writer takes ownership of fh and may mutate its fields. The caller must not modify fh after calling CreateHeader.

This returns a Writer to which the file contents should be written. The file's contents must be written to the io.Writer before the next call to Create, CreateHeader, or Close.

func (*Writer) Encrypt

func (w *Writer) Encrypt(name string, password string, enc EncryptionMethod) (io.Writer, error)

Encrypt adds a file to the zip file using the provided name. It returns a Writer to which the file contents should be written. File contents will be encrypted with AES-256 using the given password. The file's contents must be written to the io.Writer before the next call to Create, CreateHeader, or Close.

Example
contents := []byte("Hello World")

// write a password zip
raw := new(bytes.Buffer)
zipw := zip.NewWriter(raw)
w, err := zipw.Encrypt("hello.txt", "golang", zip.AES256Encryption)
if err != nil {
	log.Fatal(err)
}
_, err = io.Copy(w, bytes.NewReader(contents))
if err != nil {
	log.Fatal(err)
}
zipw.Close()

// read the password zip
zipr, err := zip.NewReader(bytes.NewReader(raw.Bytes()), int64(raw.Len()))
if err != nil {
	log.Fatal(err)
}
for _, z := range zipr.File {
	z.SetPassword("golang")
	rr, err := z.Open()
	if err != nil {
		log.Fatal(err)
	}
	_, err = io.Copy(os.Stdout, rr)
	if err != nil {
		log.Fatal(err)
	}
	rr.Close()
}
Output:

Hello World

func (*Writer) Flush

func (w *Writer) Flush() error

Flush flushes any buffered data to the underlying writer. Calling Flush is not normally necessary; calling Close is sufficient.

func (*Writer) RegisterCompressor

func (w *Writer) RegisterCompressor(method uint16, comp Compressor)

RegisterCompressor registers or overrides a custom compressor for a specific method ID. If a compressor for a given method is not found, Writer will default to looking up the compressor at the package level.

Example
// Override the default Deflate compressor with a higher compression level.

// Create a buffer to write our archive to.
buf := new(bytes.Buffer)

// Create a new zip archive.
w := zip.NewWriter(buf)

// Register a custom Deflate compressor.
w.RegisterCompressor(zip.Deflate, func(out io.Writer) (io.WriteCloser, error) {
	return flate.NewWriter(out, flate.BestCompression)
})

// Proceed to add files to w.
Output:

func (*Writer) SetComment

func (w *Writer) SetComment(comment string) error

SetComment sets the end-of-central-directory comment field. It can only be called before Close.

func (*Writer) SetOffset

func (w *Writer) SetOffset(n int64)

SetOffset sets the offset of the beginning of the zip data within the underlying writer. It should be used when the zip data is appended to an existing file, such as a binary executable. It must be called before any data is written.

type ZipCrypto

type ZipCrypto struct {
	Keys [3]uint32
	// contains filtered or unexported fields
}

func NewZipCrypto

func NewZipCrypto(passphrase []byte) *ZipCrypto

func (*ZipCrypto) Decrypt

func (z *ZipCrypto) Decrypt(chiper []byte) []byte

func (*ZipCrypto) Encrypt

func (z *ZipCrypto) Encrypt(data []byte) []byte

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL